Shared Bookmarks

776 links

Links per page: 20 50 100

◄Older

page 11 / 39

Newer►

Finding Bugs in Windows Drivers, Part 1 – WDM
October 5, 2022 at 2:55:38 PM UTC - permalink -

- https://www.cyberark.com/resources/threat-research-blog/finding-bugs-in-windows-drivers-part-1-wdm

windows windev driver exploit primitive fuzzing kernel
One I/O Ring to Rule Them All: A Full Read/Write Exploit Primitive on Windows 11 – Winsider Seminars & Solutions Inc.
October 5, 2022 at 2:54:53 PM UTC - permalink -

- https://windows-internals.com/one-i-o-ring-to-rule-them-all-a-full-read-write-exploit-primitive-on-windows-11/

windows windev driver exploit primitive
ivanlef0u.fr/repo/madchat/
October 3, 2022 at 3:37:56 PM UTC - permalink -

- https://ivanlef0u.fr/repo/madchat/

madchat mirror ezine ivan
Ethernaut
October 3, 2022 at 2:33:54 PM UTC - permalink -

- https://ethernaut.openzeppelin.com/

wargame ctf blockchain web3
lgandx/PCredz: This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
October 3, 2022 at 12:38:30 PM UTC - permalink -

- https://github.com/lgandx/PCredz

tcpdump parse extract
naksyn/Pyramid: a tool to help operate in EDRs' blind spots
October 3, 2022 at 12:38:08 PM UTC - permalink -

- https://github.com/naksyn/Pyramid

edr bypass av
GLPI htmlawed (CVE-2022-35914) | Mayfly
October 3, 2022 at 10:42:31 AM UTC - permalink -

- https://mayfly277.github.io/posts/GLPI-htmlawed-CVE-2022-35914/

glpi rce
Malware development: persistence - part 1. Registry run keys. C++ example. - cocomelonc
September 30, 2022 at 2:11:09 PM UTC - permalink -

- https://cocomelonc.github.io/tutorial/2022/04/20/malware-pers-1.html

maldev series tuto
APT techniques: Access Token manipulation. Token theft. Simple C++ example. - cocomelonc
September 30, 2022 at 2:09:44 PM UTC - permalink -

- https://cocomelonc.github.io/tutorial/2022/09/25/token-theft-1.html

windows token theft
Windows Kernel Ps Callbacks Experiments · shut up and hack
September 29, 2022 at 11:50:10 PM UTC - permalink -

- http://blog.deniable.org/posts/windows-callbacks/

windows callback kernel drivers
Active Directory Pentest Lab - Setup | MATRIX.LOCAL - Hebun ilhanlı
September 29, 2022 at 7:10:43 PM UTC - permalink -

- https://www.hebunilhanli.com/wonderland/ad-pentest/ad-pentest-lab-setup/

lab pentest ad internal
No-Fix Local Privilege Escalation Using KrbRelay With Shadow Credentials | Icyguider’s Blog
September 29, 2022 at 3:58:17 PM UTC * - permalink -

- https://icyguider.github.io/2022/05/19/NoFix-LPE-Using-KrbRelay-With-Shadow-Credentials.html

krbrelayup krbrelay nimcrypt no-fix windows lpe ad internal
xm1k3/cent: Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
September 29, 2022 at 12:45:45 AM UTC - permalink -

- https://github.com/xm1k3/cent/

nuclei auto bb templates
NightRang3r/misc_nuclei_templates
September 29, 2022 at 12:45:21 AM UTC - permalink -

- https://github.com/NightRang3r/misc_nuclei_templates

nuclei auto bb templates
dl.packetstormsecurity.net/9910-exploits/webfolders.txt

https://defcon.org/images/defcon-11/dc-11-presentations/dc-11-Shannon/presentations/dc-11-shannon.pdf
https://www.zerodayinitiative.com/blog/2021/6/1/cve-2021-31181-microsoft-sharepoint-webpart-interpretation-conflict-remote-code-execution-vulnerability
September 28, 2022 at 9:35:58 PM UTC * - permalink -

- https://dl.packetstormsecurity.net/9910-exploits/webfolders.txt

frontpage _vti_rpc vti sharepoint webfolders
mlgualtieri/NTLMRawUnHide: NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The following binary network packet capture formats are supported: *.pcap *.pcapng *.cap *.etl

https://www.mike-gualtieri.com/posts/live-off-the-land-and-crack-the-ntlmssp-protocol
September 28, 2022 at 2:42:02 PM UTC - permalink -

- https://github.com/mlgualtieri/NTLMRawUnHide

ntlmv2 windows ntlm network sniffer
Windows 10 quietly got a built-in network sniffer, how to use

pktmon filter add -p 445
pktmon start --etw -p 0 -c 13
pktmon format PktMon.etl -o test.txt
pktmon pcapng <input> -o <output>
pktmon start --etw -p 0 -c 13 -l real-time
pktmon start --etw --pkt-size 0 --comp 1
September 28, 2022 at 2:35:41 PM UTC - permalink -

- https://www.bleepingcomputer.com/news/microsoft/windows-10-quietly-got-a-built-in-network-sniffer-how-to-use/

pktmon sniffer networking windows rpc 445
jakejarvis/awesome-shodan-queries: 🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻
September 27, 2022 at 10:34:17 PM UTC - permalink -

- https://github.com/jakejarvis/awesome-shodan-queries

awesome shodan queries
5pider on Twitter: "90% of my Twitter DMs are asking me about how to start getting into Malware development. Well, I love answering them but it's easier to write a small thread about it so here we go. 1/12" / Twitter
September 27, 2022 at 12:35:33 PM UTC - permalink -

- https://twitter.com/C5pider/status/1555256779553906694

maldev
FourCoreLabs/EDRHunt: Scan installed EDRs and AVs on Windows
September 27, 2022 at 9:00:47 AM UTC - permalink -

- https://github.com/FourCoreLabs/EDRHunt

edr av hunt check install

Links per page: 20 50 100

◄Older

page 11 / 39

Newer►